RSA key size restriction?

Atom 'Smasher' atom-gpg at suspicious.org
Wed Dec 10 15:12:30 CET 2003


> Can you guarantee that a 4096 bit key will still be safe in 3,4 decades
> from now?
=====================
i don't think anyone can guarantee that. advances in number theory and/or
computer power could take a quantum leap that leaves any or all of these
algorithms, with any size keys, trivial to break. it's only based on our
current understanding of these things that we can ~speculate~ that the
security based in these algorithms will be secure when we wake up the next
day.

> With a 8k or even 16k key the probability would certainly be
> much higher.
=====================
assuming that the technology progresses at predictable rates (no comments
on that assumption!) then it would be reasonable to say that larger keys
will "probably" be secure for a longer time.... as a practical issue, we
have to balance our level of paranoia with our speculation of how fast
that technology will evolve, and how long our secrets need to stay secret.


> Maybe, such key sizes would be a nice extension for the --expert option
> :-)
=====================
i'll second that... the expert option does allow things that are not
considered either smart or reasonable to be done, so this should be added
on the grounds that it's probably not reasonable (for most of us!) but
some people would seem to be more comfortable with it.


 	...atom

 _______________________________________________
 PGP key - http://smasher.suspicious.org/pgp.txt
 3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
 -------------------------------------------------

	"Men occasionally stumble over the truth,
	 but most of them pick themselves up and
	 hurry off as if nothing had happened."
		-- Winston Churchill




More information about the Gnupg-users mailing list